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DETAILED ACTION 

1 . A request for continued examination under 37 CFR 1.1 14, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
November 28, 2005 has been entered. 

2. Claims 1-21 are pending. 

Response to Arguments 

3. Applicant's arguments, see Remarks, filed November 28, 2005, have been 
considered but are not persuasive. In response to the arguments concerning the 
previously rejected claims, the following comments are made: 

The Applicant argues claims 84, 85 and 86 of U.S. Patent 6,513,020 issued on 
January 28,2003 has no statutory difference with claim 10 of the instant application. The 
Examiner would like to point out the office does not compare patent prosecution but 
examines each application independently. In addition, the Applicant argues recent 
holdings from the Court of Appeals for the Federal Circuit, AT&T Corp. v. Microsoft 
Corp., No. 04-1285, 2005 WL 1631112, *4 (Fed. Cir. (S.D.N.Y) July 13, 2005), clearly 
shows that software code alone Is patentable as a process. The Examiner would like to 
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point out that court decision is not related to 35 U.S.C. 101 issue. It is related to 271(f) 
which is related to infringement of patent. See MPEP 35 U.S.C. 271. Therefore, the 
Examiner maintains the rejection of claim 10 under 35 U.S.C. 101 . For additional 
information the Applicant is encouraged to review 35 U.S.C. 101 Interim Guidelines for 
Examination of Patent Applications for Patent Subject Matter Eligibility, 1300 Off. Gaz. 
Pat. Office 142 (Nov. 22, 2005) 

The Applicant argues the combination of Gupta et al. (US 6,226,752, hereinafter 
Gupta) and Makower et al. (US Pub. 2002/0184507, hereinafter Makower) does not 
disclose or suggest "the interaction between a first system that grants session 
credentials based on successful authentication at the first system or successful 
authentication at a second system and a second system that grants session credentials 
based on successful authentication at a the second system". The Examiner disagrees 
and maintains the rejections. Gupta teaches a server that checks if a request has an 
active valid session and redirects the user to the login server. (Col. 7, lines 2-3 and lines 
5-6). Gupta also discloses a login server that authenticates and redirects the user back 
to the application server in which a user request is processed. (Col. 7, lines 10-14) 
Gupta discloses the application server checks if a request has an active and valid 
session and if there is no valid session, the application server redirects the user to login 
server. In addition, Gupta further discloses the login server authenticates the user and 
redirects the user back to the application server. (Abstract) Makower a decentralized 
authentication protocol where users authenticate themselves with any on of a group of 
federated servers a user with current session does not need to be reauthenticated by 
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other servers. (Abstract; Page 1. paragraph 10; Page 3, paragraph 20) In addition, 
Makower further discloses prompting a client with a login page and receiving a client 
browser that provides authentication information. (Page 4, paragraph 32) 

Therefore, all the elements of the claim limitations are explicitly or implicitly or 
inherently suggested and disclosed by the combination of the references on the record 
Gupta and Makower. It is the Examiner's conclusion that calms 1-21 are not patentably 
distinct or non-obvious over the prior art of record. Therefore, all the rejection is 
maintained as given below unless otherwise the applicant added a specific limitation in 
to the present independent claims, to overcome the rejection without introducing a new 
matter. 

Claim Rejections - 35 USC § 101 

4. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

5. Claim 10 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. It is not tangibly embodied as it is only software 
per se. It is suggested that the claimed subject matter "computer executable software 
code ..." should be changed to "computer executable code stored on a computer- 
readable medium 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which fomris the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 1-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 

Gupta et al. (hereinafter Gupta) United States Letter Patent Number 6,226,752 further in 

view of Makower et al. (hereinafter Makower) United States Publication Number 

2002/0184507. 

As per claims 1,10 and 1 1 : 

Gupta teaches a method for validating credentials comprising: 

determining, at a first system that grants session credential based on successful 
authentication at the first system or successful authentication at a second system, that a 
client does not have a valid session credential by the first system; (Col. 7, lines 2-3; Col. 
1 1 , lines 46-49 and lines 65-66) 

retrieving, at the first system, information from a session token held by the client, 
the information corresponding to a possible session credential for the second system 
that grants session credentials based on successful authentication at the second 
system; (Col. 7, lines 3-4; Col. 11, lines 66-67 and Col. 12, lines 1-6) 

presenting at least some of the information from the session token to the second 
system; (Col. 7, lines 5-6; Col. 12, lines 13-23) and 

determining whether the client has a valid session credential with the second 
system. (Col. 7, lines 6-9; Col. 12, lines 25-30) 
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In addition, Gupta further discloses an application server checks if a request has 
an active and valid session and if there is no valid session, the application server 
redirects the user to login server. In addition, Gupta further discloses the login server 
authenticates the user and redirects the user back to the application server. (Abstract) 

Gupta does not explicitly disclose a first system that grants a session credential. 
Makower discloses a first system that grants a session credential. (Abstract; Page 1, 
paragraph 10; Page 3, paragraph 20; Users authenticate themselves with any one of a 
group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a method comprising a first system that grants a session credential. This modification 
would have been obvious because a person having ordinary skill in the art would have 
been motivated to do so, as suggested by, Makower (Page 1 , paragraph 8) in order to 
protect confidential information and reduce inconvenience for the user/client in having to 
remember different authorizations for different servers. A user that is authenticated in a 
first server can access a second server without repeating the authentication process at 
the second server. 
As per claims 2 and 14: 

The combination of Gupta and Makower teaches a method comprising granting a 
session credential to the client by the first system, after determining that the client has a 
valid session credential granted by the second system. (Col. 7, lines 10-12; Col. 12, 
lines 48-49 of Gupta) 
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As per claims 3: 

Tlie combination of Gupta and Makower teaches a method comprising sending a 
session token to the client, the token corresponding to a session credential granted by 
the first system. (Col. 12, lines 52-53 of Gupta) 
As per claim 4: 

The combination of Gupta and Makower teaches a method comprising directing 
the client to the second system to establish a session credential based on successful 
authentication at the second system, after determining that the client does not have a 
valid session credential granted by the second system. (Col. 12, lines 54-60 of Gupta) 
As per claim 5: 

The combination of Gupta and Makower teaches a method comprising directing 
the client to the first system to establish a session credential based on successful 
authentication at the second system, after determining that the client does not have a 
valid session credential granted by the second system. (Page 4, paragraph 31 of 
Makower) 
As per claim 6: 

The combination of Gupta and Makower teaches a method comprising 
maintaining the client session credential granted by the second system. (Col. 12, lines 
54-60; Col. 13, lines 24-26 of Gupta) 
As per claim 7: 

The combination of Gupta and Makower teaches a method wherein determining 
whether the client has a valid credential with the second system is at least partially from 
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presenting at least some of the information from the session token. (Col. 12. lines 66-67 
and Col. 13, lines 1-5 of Gupta) 
As per claim 8: 

The combination of Gupta and Makower teaches a method wherein retrieving 
information from the session token held by the client comprises: sending a query to the 
client from the first system, the query including identification as originating from a 
domain name corresponding to the second system; and receiving a response to the 
query. (Col. 12, lines 48-61 of Gupta) 
As per claim 9: 

Gupta teaches a method for validating session credentials of a client comprising: 

determining, at a first system that grants session credentials based on successful 
authentication at the first system or successful authentication at a second system, that a 
client does not have a valid session credential granted by the first system; (Col. 7, lines 
2-3; Col. 11, lines 46-49 and lines 65-66) 

retrieving, at the first system, information from a session token held by the client, 
the information corresponding to a session credential for the second system that grants 
session credentials based on successful authentication at the second system, wherein 
retrieving information from the session token held by the client comprises receiving a 
session token from the client corresponding to the second system; (Col. 7, lines 3-4; 
Col. 11, lines 66-67 and Col. 12, lines 1-6) 

presenting at least some of the information from the session token to the second 
system; (Col. 7, lines 5-6; Col. 12, lines 13-23) 
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determining whether the client has a valid session credential with the second 
system, wherein determining whether the client has a valid credential with the second 
system is at least partially from presenting information from the session token; (Col. 7, 
lines 6-9; CoL 12, lines 25-30) 

granting a session credential to the client on the first system, after determining 
that the client has a valid session credential for the second system; (Col. 7, lines 10-12; 
Col. 12, lines 48-49) 

sending a session token to the client, the token corresponding to the session 
credential on the first system; (CoL 12, lines 52-53) and 

maintaining the client session credentials. (Col. 12, lines 54-60; Col. 13, lines 24- 

26) 

Gupta does not explicitly disclose a first system that grants a session credential. 
Makower discloses a first system that grants a session credential. (Abstract; Page 1, 
paragraph 10; Page 3, paragraph 20; Users authenticate themselves with any one of a 
group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a first system that grants a session credential. This modification would have been 
obvious because a person having ordinary skill in the art would have been motivated to 
do so, as suggested by, Makower (Page 1, paragraph 8) in order to protect confidential 
information and reduce inconvenience for the user/client in having to remember different 
authorizations for different servers. A user that is authenticated in a first server can 
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access a second server without repeating the authentication process at the second 
server. 

As per claim 12: 

Gupta teaches a programmed computer for validating credentials, comprising: 
a memory having at least one region for storing computer executable program 

code; (Figure 1, item 115; CoL 7, lines 50-67 and Col. 8, lines 1-20) and 

a processor for executing the program code stored in the memory, (Figure 1, 

item 113; Col. 7, lines 50-67 and Col. 8, lines 1-20) wherein the program code 

comprises: 

code to determine, at a first system that grants session credentials based on 
successful authentication at the first system or successful authentication at a second 
system, that a client does not have a valid session credential granted by the first 
system; (Col. 7, lines 2-3; CoL 11, lines 46-49 and lines 65-66) 

code to retrieve, at the first system, information from a session token held by the 
client, the information corresponding to a possible session credential for a second 
system that grants session credentials based on successful authentication at the 
second system; (Col. 7, lines 3-4; Col. 11, lines 66-67 and CoL 12, lines 1-6) 

code to present at least some of the information from the session token to the 
second system; (CoL 7, lines 5-6; CoL 12, lines 13-23) and 

code to determine whether the client has a valid session credential with the 
second system. (CoL 7, lines 6-9; CoL 12, lines 25-30) 
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Gupta does not explicitly disclose a first system that grants a session credential. 
Makower discloses a first system that grants a session credential. (Abstract; Page 1, 
paragraph 10; Page 3, paragraph 20; Users authenticate themselves with any one of a 
group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a first system that grants a session credential. This modification would have been 
obvious because a person having ordinary skill in the art would have been motivated to 
do so, as suggested by, Makower (Page 1, paragraph 8) in order to protect confidential 
information and reduce inconvenience for the user/client in having to remember different 
authorizations for different servers. A user that is authenticated in a first server can 
access a second server without repeating the authentication process at the second 
As per claims 13 and 17: 

Gupta teaches a method for establishing session credentials comprising: 

determining that a client does not have a valid session credential for a first 
system based on successful authentication at the first system or successful 
authentication at a second system; (Col. 7, lines 2-3; Col. 11, lines 46-49 and lines 65- 
66) 

determining that a client does not have a valid session credential granted by the 
second system based on based on successful authentication at the second system; 
(Col. 7, lines 2-3; Col. 1 1 , lines 46-49 and lines 65-66) 
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sending, from the first system to the second system, the log in information; (Col. 
7, lines 5-6; Col. 12, lines 13-23) and 

receiving, at the first system from the second system, infonnation corresponding 
to a session credential for the second system, the session credential granted by the 
second system based at least in part on the log in information and successful 
authentication at the second system. (Col. 7, lines 10-12; Col. 12. lines 48-49) 

Gupta does not explicitly disclose a method comprising sending, from the first 
system to the client, a log in page; and receiving, at the first system from the client, log 
in information; and a first system that grants a session credential. 

Makower in analogous art, however, disclose a method comprising: 

sending, from the first system to the client, a log In page; (Page 4, paragraph 32; 
...web server prompts the client browser with a log in page ...) 

receiving, at the first system from the client, log in information; (Page 4, 
paragraph 32; the client browser provides authentication information...) 

a first system that grants a session credential. (Abstract; Page 1 , paragraph 10; 
Page 3, paragraph 20; Users authenticate themselves with any one of a group of 
federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a method comprising sending, from the first system to the client, a log in page; 
receiving, at the first system from the client, log in information; and a first system that 
grants a session credential. This modification would have been obvious because a 
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person having ordinary skill in the art would have been motivated to do so. as 
suggested by, Makower (Page 1 , paragraph 8) in order to protect confidential 
information and reduce inconvenience for the user/client in having to remember different 
authorizations for different servers. A user that is authenticated in a first server can 
access a second server without repeating the authentication process at the second 
As per claims 15 and 18: 

The combination of Gupta and Makower teaches a method granting a session 
credential for the second system. (Col. 12, lines 66-67 and Col. 13, lines 1-5 of Gupta) 
As per claims 16 and 19: 

The combination of Gupta and Makower teaches a method comprising 
associating session credentials for the first system and the second system with the 
client. (Col. 12, lines 54-60; Col. 13, lines 24-26 of Gupta) 
As per claim 20: 

Gupta teaches a method for validating credentials comprising: 

determining, at a first system that grants session credentials based on. based on 
successful authentication at the second system, that a client does not have a valid 
session credential granted by the first system; (Col. 7, lines 2-3; Col. 11, lines 46-49 and 
lines 65-66) 

redirecting the client to the second system that grants session credentials based 
on successful authentication at the second system; (Col. 7, lines 5-6; Col. 12, lines 13- 

23) 
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sending, from the second system to the first system, session credentials for the 
second system; (Col. 7, lines 6-9; Col. 12, lines 25-30) 

sending, from the second system to the first system, information indicating that 
the session credentials for the second system are valid. (Col. 7, lines 6-9; Col. 12, lines 
25-30) 

sending, from the first system to the second system, the session credentials for 
the second system; (Col. 7, lines 10-12; Col. 12, lines 48-49) 

determining, at the second system, that the session credentials for the second 
system, received from the first system, are valid; (Col. 13. lines 1-5) 

Gupta does not explicitly disclose a first system that grants a session credential. 
Makower discloses a first system that grants a session credential. (Abstract; Page 1 , 
paragraph 10; Page 3, paragraph 20; Users authenticate themselves with any one of a 
group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a first system that grants a session credential. This modification would have been 
obvious because a person having ordinary skill in the art would have been motivated to 
do so, as suggested by, Makower (Page 1, paragraph 8) in order to protect confidential 
information and reduce inconvenience for the user/client in having to remember different 
authorizations for different servers. A user that is authenticated in a first server can 
access a second server without repeating the authentication process at the second 
As per claim 21: 
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The combination of Gupta and Makower teaches a method comprising granting 
the client session credentials for the first system. (Col. 7, lines 10-12; Col. 12, lines 48- 
49 of Gupta) 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shewaye Gelagay whose telephone number is 571-272- 
4219. The examiner can normally be reached on 8:00 am to 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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